PT-2020-19804 · Lg Electronics · Lgpcsuite Setup+3
Eran Shimony
·
Published
2020-09-14
·
Updated
2020-09-21
·
CVE-2020-7807
CVSS v3.1
5.6
Medium
| Vector | AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
LGPCSuite Setup version 1.0.0.3
IPSFULLHD version 1.0.0.9
LG ULTRAWIDE version 1.0.0.9
ULTRA HD Driver Setup version 1.0.0.9
Description
A vulnerability exists that can hijack a DLL file loaded during the installation of certain LG Electronics products. This issue is due to missing support for integrity checks in a component of the affected products, allowing an attacker to cause an impact.
Recommendations
For LGPCSuite Setup version 1.0.0.3, update to a version that includes support for integrity checks to prevent DLL hijacking.
For IPSFULLHD version 1.0.0.9, update to a version that includes support for integrity checks to prevent DLL hijacking.
For LG ULTRAWIDE version 1.0.0.9, update to a version that includes support for integrity checks to prevent DLL hijacking.
For ULTRA HD Driver Setup version 1.0.0.9, update to a version that includes support for integrity checks to prevent DLL hijacking.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ipsfullhd
Lgpcsuite Setup
Lg Ultrawide
Ultra Hd Driver Setup